Providers of digital video content or audio content are reluctant to deliver this content over the Internet without effective content protection. While the technology exists for content providers to provide content over the Internet, digital content by its very nature is easy to duplicate either with or without the owner's authorization. The Internet allows the delivery of the content from the owner, but that same technology also permits widespread distribution of unauthorized, duplicated content.
Digital Rights Management (DRM) is a digital content protection model that has grown in use in recent years as a means for protecting file distribution. DRM usually encompasses a complex set of technologies and business models to protect digital media or other data and to provide revenue to content owners.
Many known DRM systems use a storage device, such as a hard disk drive component of a computer, that contains a collection of unencrypted content (or other data) provided by content owners. The content in the storage device resides within a trusted area behind a firewall. Within the trusted area, the content residing on the storage device can be encrypted. A content server receives encrypted content from the storage device and packages the encrypted content for distribution. A license server holds a description of rights and usage rules associated with the encrypted content, as well as associated encryption keys. (The content server and license server are sometimes part of a content provider system that is owned or controlled by a content provider (such as a studio) or by a service provider.) A playback device receives the encrypted content from the content server for display and receives a license specifying access rights from the license server.
Some DRM processes consist of requesting an item of content, encrypting the item with a content key, storing the content key in a content digital license, distributing the encrypted content to a playback device, delivering a digital license file that includes the encrypted content key to the playback device, and decrypting the content file and playing it under the usage rules specified in the digital license. However, a security issue can arise in this process. The content provider sometimes can lose control over the content's security and distribution once the encrypted content and associated digital license file are transmitted to and stored on the playback device. Although the playback device may include a trusted area where the encrypted content is decrypted and decoded, the trusted area on a playback device can be less secure than a trusted area maintained directly by the content provider system.
Moreover, many DRM systems operate on the principle that a client or playback device is required to acquire its own digital license to the protected content from a license server controlled by the content provider, and that the client remains the sole owner of that digital license.
However, such known DRM schemes can lack flexibility in that the owner of the playback device may be limited to the rendering or use of the content on only that one device and be prohibited from using the content on other of his/her devices. Moreover, content owners may desire to make content available to a larger organization, such as a hotel or college dormitory, which in turn can be permitted to distribute the content to customers or residents under conditions that can be controlled by the content owner.
Thus an improved method and system of protection mechanisms is desirable to accomplish delivery of protected data or media.